[145069] in cryptography@c2.net mail archive
Re: TLS break
daemon@ATHENA.MIT.EDU (David-Sarah Hopwood)
Mon Nov 16 12:18:19 2009
Date: Wed, 11 Nov 2009 23:58:45 +0000
From: David-Sarah Hopwood <david-sarah@jacaranda.org>
To: cryptography@metzdowd.com
In-Reply-To: <20091111011150.9CED833CAB@absinthe.tinho.net>
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigD87DA1AA203BE5AAFE441D42
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
dan@geer.org wrote:
> |=20
> | This is the first attack against TLS that I consider to be
> | the real deal. To really fix it is going to require a change to
> | all affected clients and servers. Fortunately, Eric Rescorla
> | has a protocol extension that appears to do the job.
> |=20
>=20
> ...silicon...
No-one in their right mind implements a protocol as complicated as TLS
in silicon that they can't update. They may implement various building
blocks in hardware, and connect them together with firmware. An update
like this would "only" require changing the firmware, although that may
be difficult enough.
--=20
David-Sarah Hopwood =E2=9A=A5 http://davidsarah.livejournal.com
--------------enigD87DA1AA203BE5AAFE441D42
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iF4EAREIAAYFAkr7T7UACgkQWUc8YzyzqAfSgwEAhcDdHNUi2NW+0N6W0mjy8DM3
NSpucOybV8fBeha152kBAIaXx6CO9x0/D3JeuKIQLLzTNIbXoJwk4eW81fBTBUCn
=1XHl
-----END PGP SIGNATURE-----
--------------enigD87DA1AA203BE5AAFE441D42--
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
